feat: add deploy script #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Integration and Delivery | |
| on: [push] | |
| env: | |
| WEB_IMAGE: ghcr.io/$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')/web | |
| NGINX_IMAGE: ghcr.io/$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')/nginx | |
| jobs: | |
| build: | |
| name: Build Docker Images | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout master | |
| uses: actions/checkout@v1 | |
| - name: Add environment variables to .env | |
| run: | | |
| echo DEBUG=0 >> .env | |
| echo SQL_ENGINE=django.db.backends.postgresql >> .env | |
| echo DATABASE=postgres >> .env | |
| echo SECRET_KEY=${{ secrets.SECRET_KEY }} >> .env | |
| echo SQL_DATABASE=${{ secrets.SQL_DATABASE }} >> .env | |
| echo SQL_USER=${{ secrets.SQL_USER }} >> .env | |
| echo SQL_PASSWORD=${{ secrets.SQL_PASSWORD }} >> .env | |
| echo SQL_HOST=${{ secrets.SQL_HOST }} >> .env | |
| echo SQL_PORT=${{ secrets.SQL_PORT }} >> .env | |
| - name: Set environment variables | |
| run: | | |
| echo "WEB_IMAGE=$(echo ${{env.WEB_IMAGE}} )" >> $GITHUB_ENV | |
| echo "NGINX_IMAGE=$(echo ${{env.NGINX_IMAGE}} )" >> $GITHUB_ENV | |
| - name: Log in to GitHub Packages | |
| run: echo ${PERSONAL_ACCESS_TOKEN} | docker login ghcr.io -u ${{ secrets.NAMESPACE }} --password-stdin | |
| env: | |
| PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
| - name: Pull images | |
| run: | | |
| docker pull ${{ env.WEB_IMAGE }} || true | |
| docker pull ${{ env.NGINX_IMAGE }} || true | |
| - name: Build images | |
| run: | | |
| docker-compose -f docker-compose.ci.yml build | |
| - name: Push images | |
| run: | | |
| docker push ${{ env.WEB_IMAGE }} | |
| docker push ${{ env.NGINX_IMAGE }} | |
| deploy: | |
| name: Deploy to DigitalOcean | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout master | |
| uses: actions/checkout@v1 | |
| - name: Add environment variables to .env | |
| run: | | |
| echo DEBUG=0 >> .env | |
| echo SQL_ENGINE=django.db.backends.postgresql >> .env | |
| echo DATABASE=postgres >> .env | |
| echo SECRET_KEY=${{ secrets.SECRET_KEY }} >> .env | |
| echo SQL_DATABASE=${{ secrets.SQL_DATABASE }} >> .env | |
| echo SQL_USER=${{ secrets.SQL_USER }} >> .env | |
| echo SQL_PASSWORD=${{ secrets.SQL_PASSWORD }} >> .env | |
| echo SQL_HOST=${{ secrets.SQL_HOST }} >> .env | |
| echo SQL_PORT=${{ secrets.SQL_PORT }} >> .env | |
| echo WEB_IMAGE=${{ env.WEB_IMAGE }} >> .env | |
| echo NGINX_IMAGE=${{ env.NGINX_IMAGE }} >> .env | |
| echo NAMESPACE=${{ secrets.NAMESPACE }} >> .env | |
| echo PERSONAL_ACCESS_TOKEN=${{ secrets.PERSONAL_ACCESS_TOKEN }} >> .env | |
| - name: Add the private SSH key to the ssh-agent | |
| env: | |
| SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
| run: | | |
| mkdir -p ~/.ssh | |
| ssh-agent -a $SSH_AUTH_SOCK > /dev/null | |
| ssh-keyscan github.com >> ~/.ssh/known_hosts | |
| ssh-add - <<< "${{ secrets.PRIVATE_KEY }}" | |
| - name: Build and deploy images on DigitalOcean | |
| env: | |
| SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
| run: | | |
| scp -o StrictHostKeyChecking=no -r ./.env ./docker-compose.prod.yml root@${{ secrets.DIGITAL_OCEAN_IP_ADDRESS }}:/app | |
| ssh -o StrictHostKeyChecking=no root@${{ secrets.DIGITAL_OCEAN_IP_ADDRESS }} << 'ENDSSH' | |
| cd /app | |
| source .env | |
| docker login ghcr.io -u $NAMESPACE -p $PERSONAL_ACCESS_TOKEN | |
| docker pull $WEB_IMAGE | |
| docker pull $NGINX_IMAGE | |
| docker-compose -f docker-compose.prod.yml up -d | |
| ENDSSH |